Launchpad CVE tracker

CVE 2009-4019

mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement.

Related bugs and status

CVE-2009-4019 (Candidate) is related to these bugs:

Bug #323755: server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates

		In	Importance	Status
323755	server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates	mysql-dfsg-5.0 (Ubuntu)	High	Fix Released
323755	server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates	mysql-dfsg-5.1 (Ubuntu)	Undecided	Fix Released
323755	server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates	mysql-dfsg-5.0 (Ubuntu Hardy)	Undecided	Fix Released
323755	server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates	mysql-dfsg-5.1 (Ubuntu Hardy)	Undecided	Invalid
323755	server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates	mysql-dfsg-5.0 (Ubuntu Intrepid)	Undecided	Fix Released
323755	server-cert.pem expired: "Not After : Jan 27 08:54:13 2009 GMT" - ssl related test suites fails because of expired certificates	mysql-dfsg-5.1 (Ubuntu Intrepid)	Undecided	Invalid

Bug #937869: MySQL security update tracking bug

		In	Importance	Status
937869	MySQL security update tracking bug	mysql-5.1 (Ubuntu)	Undecided	Fix Released
937869	MySQL security update tracking bug	mysql-5.1 (Ubuntu Maverick)	Undecided	Fix Released
937869	MySQL security update tracking bug	mysql-5.1 (Ubuntu Natty)	Undecided	Fix Released
937869	MySQL security update tracking bug	mysql-5.1 (Ubuntu Oneiric)	Undecided	Fix Released
937869	MySQL security update tracking bug	mysql-dfsg-5.1 (Ubuntu)	Undecided	Fix Released
937869	MySQL security update tracking bug	mysql-dfsg-5.1 (Ubuntu Maverick)	Undecided	Invalid
937869	MySQL security update tracking bug	mysql-dfsg-5.1 (Ubuntu Natty)	Undecided	Invalid
937869	MySQL security update tracking bug	mysql-dfsg-5.1 (Ubuntu Oneiric)	Undecided	Invalid
937869	MySQL security update tracking bug	mysql-5.1 (Ubuntu Lucid)	Undecided	Invalid
937869	MySQL security update tracking bug	mysql-dfsg-5.1 (Ubuntu Lucid)	Undecided	Fix Released
937869	MySQL security update tracking bug	mysql-dfsg-5.0 (Ubuntu)	Undecided	Fix Released
937869	MySQL security update tracking bug	mysql-dfsg-5.0 (Ubuntu Lucid)	Undecided	Invalid
937869	MySQL security update tracking bug	mysql-dfsg-5.0 (Ubuntu Maverick)	Undecided	Invalid
937869	MySQL security update tracking bug	mysql-dfsg-5.0 (Ubuntu Natty)	Undecided	Invalid
937869	MySQL security update tracking bug	mysql-dfsg-5.0 (Ubuntu Oneiric)	Undecided	Invalid
937869	MySQL security update tracking bug	mysql-5.1 (Ubuntu Hardy)	Undecided	Invalid
937869	MySQL security update tracking bug	mysql-dfsg-5.0 (Ubuntu Hardy)	Undecided	Fix Released
937869	MySQL security update tracking bug	mysql-dfsg-5.1 (Ubuntu Hardy)	Undecided	Invalid

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2009-4019

References